f60d200d5a
* key rotation * fix: rotate signing key * cleanup * introspect * testingapplication key * date * client keys * fix client keys * fix client keys * access tokens only for users * AuthMethodPrivateKeyJWT * client keys * set introspection info correctly * managae apis * update oidc pkg * cleanup * merge msater * set current sequence in migration * set current sequence in migration * set current sequence in migration * ensure authn keys uptodate * improve key rotation * fix: return api config in ApplicationView * fix mocks for tests * fix(mock): corrected unit tests for updated mock package Co-authored-by: Stefan Benz <stefan@caos.ch>
package handler
|
|
|
|
import (
|
|
"time"
|
|
|
|
sd "github.com/caos/zitadel/internal/config/systemdefaults"
|
|
"github.com/caos/zitadel/internal/eventstore"
|
|
"github.com/caos/zitadel/internal/eventstore/query"
|
|
iam_events "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
|
key_model "github.com/caos/zitadel/internal/key/model"
|
|
org_events "github.com/caos/zitadel/internal/org/repository/eventsourcing"
|
|
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
|
|
|
"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
|
|
"github.com/caos/zitadel/internal/config/types"
|
|
usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
|
|
)
|
|
|
|
// Configs maps a view-model name (the string passed to cycleDuration, for
// example "User" or "Key") to the Config for that view's handler.
// The values are pointers, so an entry can be present but nil.
type Configs map[string]*Config
|
|
|
|
// Config holds the per-view-model settings of a handler.
type Config struct {
	// MinimumCycleDuration is the value Configs.cycleDuration returns for the
	// view model this Config is registered under.
	MinimumCycleDuration types.Duration
}
|
|
|
|
// handler carries the settings shared by every view handler built in Register.
//
// Register constructs it with unkeyed composite literals
// (handler{view, bulkLimit, cycleDuration, errorCount, es}), so the field
// order below is load-bearing: reordering or inserting a field changes which
// argument lands in which field.
type handler struct {
	view *view.View
	// bulkLimit is returned by QueryLimit.
	bulkLimit uint64
	// cycleDuration is returned by MinimumCycleDuration; LockDuration is a
	// third of it.
	cycleDuration time.Duration
	// errorCountUntilSkip is filled from Register's errorCount argument.
	// NOTE(review): presumably the number of failures after which an event is
	// skipped; the consumer is not in this file, so confirm.
	errorCountUntilSkip uint64

	// es is returned by Eventstore.
	es eventstore.Eventstore
}
|
|
|
|
// Eventstore returns the eventstore this handler was constructed with.
func (h *handler) Eventstore() eventstore.Eventstore {
	store := h.es
	return store
}
|
|
|
|
// EventstoreRepos bundles the domain eventstores that Register hands to the
// individual view handlers. Register does not check the fields for nil.
type EventstoreRepos struct {
	UserEvents    *usr_event.UserEventstore
	ProjectEvents *proj_event.ProjectEventstore
	OrgEvents     *org_events.OrgEventstore
	IamEvents     *iam_events.IAMEventstore
}
|
|
|
|
// Register builds the list of view handlers for the auth projection.
//
// Every handler shares view, bulkLimit, errorCount and es; only the cycle
// duration differs, looked up in configs by view-model name. A name with no
// entry in configs silently gets cycleDuration's default, so a misspelled
// configuration key is not reported.
//
// The AuthNKeys handler reads its duration from the "MachineKey" entry, not
// from a key named after the handler.
//
// keyChan is passed only to the Key handler.
// NOTE(review): presumably this is how refreshed signing keys reach their
// consumer, which would make the "Key" cycle duration the upper bound on how
// long a rotated key takes to be picked up; confirm against newKey.
func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es eventstore.Eventstore, repos EventstoreRepos, systemDefaults sd.SystemDefaults, keyChan chan<- *key_model.KeyView) []query.Handler {
	// base assembles the shared handler settings for one view model. Keyed
	// fields are used so the literal does not depend on field order.
	base := func(viewModel string) handler {
		return handler{
			view:                view,
			bulkLimit:           bulkLimit,
			cycleDuration:       configs.cycleDuration(viewModel),
			errorCountUntilSkip: errorCount,
			es:                  es,
		}
	}

	return []query.Handler{
		newUser(base("User"), repos.OrgEvents, repos.IamEvents, systemDefaults.IamID),
		newUserSession(base("UserSession"), repos.UserEvents),
		newUserMembership(base("UserMembership"), repos.OrgEvents, repos.ProjectEvents),
		newToken(base("Token"), repos.ProjectEvents),
		newKey(base("Key"), keyChan),
		newApplication(base("Application"), repos.ProjectEvents),
		newOrg(base("Org")),
		newUserGrant(
			base("UserGrant"),
			repos.ProjectEvents,
			repos.UserEvents,
			repos.OrgEvents,
			repos.IamEvents,
			systemDefaults.IamID,
		),
		// Config key is "MachineKey", kept as in the original registration.
		newAuthNKeys(base("MachineKey")),
		newLoginPolicy(base("LoginPolicy")),
		newIDPConfig(base("IDPConfig")),
		newIDPProvider(base("IDPProvider"), systemDefaults, repos.IamEvents, repos.OrgEvents),
		newExternalIDP(base("ExternalIDP"), systemDefaults, repos.IamEvents, repos.OrgEvents),
		newPasswordComplexityPolicy(base("PasswordComplexityPolicy")),
		newOrgIAMPolicy(base("OrgIAMPolicy")),
		newProjectRole(base("ProjectRole"), repos.ProjectEvents),
	}
}
|
|
|
|
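// cycleDuration returns the MinimumCycleDuration configured for viewModel,
// or a three-minute default when there is no usable entry.
//
// Configs stores *Config values, so a key can be present with a nil value
// (for example an empty section in the configuration file). Such an entry is
// treated like a missing one instead of dereferencing the nil pointer, which
// would panic while the handlers are being registered.
//
// A configured duration is returned unchanged, including zero.
// NOTE(review): LockDuration derives from this value; confirm the spooler
// tolerates a zero or negative duration or validate it where the
// configuration is loaded.
func (configs Configs) cycleDuration(viewModel string) time.Duration {
	const defaultCycleDuration = 3 * time.Minute

	c, ok := configs[viewModel]
	if !ok || c == nil {
		return defaultCycleDuration
	}
	return c.MinimumCycleDuration.Duration
}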
|
|
|
|
// MinimumCycleDuration returns the cycle duration this handler was
// constructed with.
func (h *handler) MinimumCycleDuration() time.Duration {
	minimum := h.cycleDuration
	return minimum
}
|
|
|
|
// LockDuration returns one third of the handler's cycle duration.
func (h *handler) LockDuration() time.Duration {
	// The lock duration is a fixed fraction of the cycle duration.
	const lockDivisor = 3
	return h.cycleDuration / lockDivisor
}
|
|
|
|
// QueryLimit returns the bulk limit this handler was constructed with.
func (h *handler) QueryLimit() uint64 {
	limit := h.bulkLimit
	return limit
}
|